Add bits for calling from C

Cargo.toml

@@ -9,6 +9,9 @@ documentation = "https://docs.rs/deelevate"
 readme = "README.md"
 keywords = ["UAC", "elevate", "privileges"]
 
+[lib]
+crate-type = ["lib", "staticlib"]
+
 [[bin]]
 name = "eledo"
 path = "bin/eledo.rs"
@@ -21,6 +24,7 @@ path = "bin/normdo.rs"
 name = "eledo-pty-bridge"
 path = "bin/ptybridge.rs"
 
+
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]

README.md

@@ -47,7 +47,7 @@ match token.privilege_level()? {
   streams and process exit status back to the original parent.
 
 ```rust
-use deelevate::spawn_with_reduced_privileges;
+use deelevate::spawn_with_normal_privileges;
 use deelevate::spawn_with_elevated_privileges;
 
 // If we have admin privs, this next line will either spawn a version
@@ -56,7 +56,7 @@ use deelevate::spawn_with_elevated_privileges;
 // The spawn_with_elevated_privileges function works similarly, except
 // that it will only return when the calling process has elevated
 // privs.
-spawn_with_reduced_privileges()?;
+spawn_with_normal_privileges()?;
 
 // If we reach this line it is because we don't have any special privs
 // and we can therefore continue with our normal operation.

examples/spawn.rs

@@ -1,6 +1,6 @@
 //! This example prints the effective privilege output from
 //! `whoami` as well as our understanding of that level
-use deelevate::{spawn_with_reduced_privileges, Token};
+use deelevate::{spawn_with_normal_privileges, Token};
 
 fn whoami() {
     let output = std::process::Command::new("whoami.exe")
@@ -18,6 +18,6 @@ fn main() {
     let level = token.privilege_level().unwrap();
     println!("priv level is {:?}", level);
 
-    spawn_with_reduced_privileges(&token).unwrap();
+    spawn_with_normal_privileges().unwrap();
     println!("now I'm safe to proceed with reduced privs");
 }

src/lib.rs

@@ -16,7 +16,7 @@ pub use bridge::{BridgePtyClient, BridgeServer};
 pub use command::Command;
 #[doc(hidden)]
 pub use pipe::PipeHandle;
-pub use spawn::{spawn_with_elevated_privileges, spawn_with_reduced_privileges};
+pub use spawn::{spawn_with_elevated_privileges, spawn_with_normal_privileges};
 pub use token::PrivilegeLevel;
 pub use token::Token;
 

src/spawn.rs

@@ -31,7 +31,8 @@ fn spawn_with_current_io_streams(token: &Token) -> IoResult<()> {
 /// streams to the new process and to wait for the child process
 /// and then terminate *this* process and exit with the exit code
 /// from the child.
-pub fn spawn_with_reduced_privileges(token: &Token) -> IoResult<()> {
+pub fn spawn_with_normal_privileges() -> IoResult<()> {
+    let token = Token::with_current_process()?;
     let level = token.privilege_level()?;
 
     match level {
@@ -63,7 +64,8 @@ pub fn spawn_with_reduced_privileges(token: &Token) -> IoResult<()> {
 /// streams to the new process and to wait for the child process
 /// and then terminate *this* process and exit with the exit code
 /// from the child.
-pub fn spawn_with_elevated_privileges(token: &Token) -> IoResult<()> {
+pub fn spawn_with_elevated_privileges() -> IoResult<()> {
+    let token = Token::with_current_process()?;
     let level = token.privilege_level()?;
 
     let target_token = match level {
@@ -77,3 +79,58 @@ pub fn spawn_with_elevated_privileges(token: &Token) -> IoResult<()> {
     let proc = bridge_cmd.spawn_with_token(&target_token)?;
     std::process::exit(server.serve(proc)? as _);
 }
+
+/// This function is for use by C/C++ code that wants to test whether the
+/// current session is elevated.  The return value is 0 for a non-privileged
+/// process and non-zero for a privileged process.
+/// If an error occurs while obtaining this information, the program will
+/// terminate.
+#[no_mangle]
+pub extern "C" fn deelevate_is_privileged_process() -> i32 {
+    match Token::with_current_process().and_then(|token| token.privilege_level()) {
+        Ok(PrivilegeLevel::Elevated) | Ok(PrivilegeLevel::HighIntegrityAdmin) => 1,
+        Ok(PrivilegeLevel::NotPrivileged) => 0,
+        Err(e) => {
+            eprintln!(
+                "An error occurred while determining the privilege level: {}",
+                e
+            );
+            std::process::exit(1);
+        }
+    }
+}
+
+/// This function is for use by C/C++ code that wants to ensure that execution
+/// will only continue if the current token has a Normal privilege level.
+/// This function will attempt to re-execute the program in the appropriate
+/// context.
+/// This function will only return if the current context has normal privs.
+#[no_mangle]
+pub extern "C" fn deelevate_requires_normal_privileges() {
+    if let Err(e) = spawn_with_normal_privileges() {
+        eprintln!(
+            "This program requires running with Normal privileges and \
+                  encountered an issue while attempting to run in that context: {}",
+            e
+        );
+        std::process::exit(1);
+    }
+}
+
+/// This function is for use by C/C++ code that wants to ensure that execution
+/// will only continue if the current token has an Elevated privilege level.
+/// This function will attempt to re-execute the program in the appropriate
+/// context.
+/// This function will only return if the current context has Elevated or
+/// High Integrity Admin privs.
+#[no_mangle]
+pub extern "C" fn deelevate_requires_elevated_privileges() {
+    if let Err(e) = spawn_with_elevated_privileges() {
+        eprintln!(
+            "This program requires running with Elevated privileges and \
+                  encountered an issue while attempting to run in that context: {}",
+            e
+        );
+        std::process::exit(1);
+    }
+}